Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 25-02-2015 01 Ran by Kuba i Michał (administrator) on KWIATKOW-BS58FY on 27-02-2015 13:30:21 Running from D:\Documents and Settings\Kuba i Michał\Pulpit Loaded Profiles: Kuba i Michał (Available profiles: Kuba i Michał & bot & Administrator) Platform: Microsoft Windows XP Professional Dodatek Service Pack 3 (X86) OS Language: Polski Internet Explorer Version 8 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AVG Technologies CZ, s.r.o.) D:\PROGRA~1\AVG\AVG2015\avgrsx.exe (AVG Technologies CZ, s.r.o.) D:\Program Files\AVG\AVG2015\avgcsrvx.exe (Nero AG) D:\Program Files\Ahead\InCD\InCDsrv.exe (ABBYY InfoPoisk LLC) E:\Program Files\ABBYY FineReader 11\NetworkLicenseServer.exe (AVG Technologies CZ, s.r.o.) D:\Program Files\AVG\AVG2015\avgidsagent.exe (AVG Technologies CZ, s.r.o.) D:\Program Files\AVG\AVG2015\avgwdsvc.exe (BlueStack Systems, Inc.) D:\Program Files\BlueStacks\HD-LogRotatorService.exe (BlueStack Systems, Inc.) D:\Program Files\BlueStacks\HD-UpdaterService.exe (SEIKO EPSON CORPORATION) D:\Documents and Settings\All Users\Dane aplikacji\EPSON\EPW!3 SSRP\E_S40ST7.EXE (SEIKO EPSON CORPORATION) D:\Documents and Settings\All Users\Dane aplikacji\EPSON\EPW!3 SSRP\E_S40RP7.EXE (Microsoft Corporation) D:\WINDOWS\system32\inetsrv\inetinfo.exe (UASSOFT.COM) D:\Program Files\Multimedia Keyboard & Mouse Driver\V5\KMWDSrv.exe (http://libusb-win32.sourceforge.net) D:\WINDOWS\system32\libusbd-nt.exe () C:\program files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe (AVG Technologies CZ, s.r.o.) D:\Program Files\AVG\AVG2015\avgnsx.exe (Google Inc.) D:\Program Files\Google\Update\1.3.26.9\GoogleCrashHandler.exe (AVG Technologies CZ, s.r.o.) D:\Program Files\AVG\AVG2015\avgemcx.exe (PC Tools) D:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe (pdfforge GmbH) D:\Program Files\PDF Architect\HelperService.exe (pdfforge GmbH) D:\Program Files\PDF Architect\ConversionService.exe (Microsoft Corporation) D:\WINDOWS\system32\tcpsvcs.exe (Microsoft Corporation) D:\WINDOWS\system32\snmp.exe (VMware, Inc.) D:\WINDOWS\system32\vmnat.exe (VMware, Inc.) E:\Program Files\vmware-authd.exe (AVG Technologies CZ, s.r.o.) D:\Program Files\AVG\AVG2015\avgui.exe (Realtek Semiconductor Corp.) D:\WINDOWS\RTHDCPL.EXE (Microsoft Corporation) D:\Program Files\Microsoft ActiveSync\wcescomm.exe (BitTorrent Inc.) D:\Documents and Settings\Kuba i Michał\Dane aplikacji\uTorrent\uTorrent.exe (Microsoft Corporation) D:\Program Files\Microsoft ActiveSync\rapimgr.exe (VMware, Inc.) D:\WINDOWS\system32\vmnetdhcp.exe (VMware, Inc.) D:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe (Advanced Micro Devices Inc.) D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ATI Technologies Inc.) D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [amd_dc_opt] => D:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD) HKLM\...\Run: [StartCCC] => D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-06-22] (Advanced Micro Devices, Inc.) HKLM\...\Run: [AVG_UI] => D:\Program Files\AVG\AVG2015\avgui.exe [3593744 2014-09-05] (AVG Technologies CZ, s.r.o.) HKLM\...\Run: [MSConfig] => D:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe [171520 2008-04-15] (Microsoft Corporation) HKLM\...\Run: [RTHDCPL] => D:\WINDOWS\RTHDCPL.EXE [20145368 2013-10-04] (Realtek Semiconductor Corp.) HKLM\...\Run: [Adobe ARM] => D:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated) Winlogon\Notify\AtiExtEvent: D:\WINDOWS\system32\Ati2evxx.dll (ATI Technologies Inc.) HKU\S-1-5-21-1078081533-299502267-839522115-1003\...\Run: [H/PC Connection Agent] => D:\Program Files\Microsoft ActiveSync\wcescomm.exe [1289000 2006-11-13] (Microsoft Corporation) HKU\S-1-5-21-1078081533-299502267-839522115-1003\...\Run: [swg] => D:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2009-03-30] (Google Inc.) HKU\S-1-5-21-1078081533-299502267-839522115-1003\...\Run: [uTorrent] => D:\Documents and Settings\Kuba i Michał\Dane aplikacji\uTorrent\uTorrent.exe [1942352 2014-09-05] (BitTorrent Inc.) HKU\S-1-5-21-1078081533-299502267-839522115-1003\...\MountPoints2: {71f187ef-3a7b-11e4-a2e8-001fd0b2eb5d} - I:\LG_PC_Programs.exe BootExecute: PDBoot.exeautocheck autochk * sprestrtD:\PROGRA~1\AVG\AVG2015\avgrsx.exe /sync /restart ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKU\S-1-5-21-1078081533-299502267-839522115-1003\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tibia.com/community/?subtopic=worlds&world=ra&order=level_asc BHO: No Name -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> No File BHO: HistoryTriggerBHO Class -> {21A88CB9-84D2-4020-A2D1-B25A21034884} -> D:\Program Files\LG Electronics\LG PC Suite IV\LinkAir\LinkAirBrowserHelper.dll (LG Electronics) BHO: PDF Architect Helper -> {3A2D5EBA-F86D-4BD3-A177-019765996711} -> D:\Program Files\PDF Architect\PDFIEHelper.dll (pdfforge GmbH) BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\program files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> D:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> D:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.) BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> D:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> D:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.) BHO: FlashGetBHO -> {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} -> D:\Documents and Settings\Kuba i Michał\Dane aplikacji\FlashGetBHO\FlashGetBHO31.dll (Trend Media Group) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\program files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO: IplexToALLPlayer -> {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} -> D:\Program Files\ALLPlayer\Iplex\IplexToALLPlayer.dll (ALLCinema Ltd.) BHO: EpsonToolBandKicker Class -> {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} -> D:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION) DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab DPF: {CAFEEFAC-0017-0000-0071-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_71-windows-i586.cab Handler: lid - {5C135180-9973-46D9-ABF4-148267CBB8BF} - D:\WINDOWS\System32\msvidctl.dll (Microsoft Corporation) Handler: vnd.ms.radio - {3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020} - D:\WINDOWS\System32\msdxm.ocx (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 FireFox: ======== FF ProfilePath: D:\Documents and Settings\Kuba i Michał\Dane aplikacji\Mozilla\Firefox\Profiles\bib4dz1y.default-1425039974812 FF Plugin: @adobe.com/FlashPlayer -> D:\WINDOWS\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll () FF Plugin: @bittorrent.com/BitTorrentDNA -> D:\Program Files\DNA\plugins\npbtdna.dll (BitTorrent, Inc.) FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 -> D:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.) FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 -> D:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc) FF Plugin: @Google.com/GoogleEarthPlugin -> D:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin: @java.com/DTPlugin,version=10.5.1 -> D:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> D:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 -> D:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF Plugin: @ngm.nexoneu.com/NxGame -> D:\Documents and Settings\All Users\Dane aplikacji\NexonEU\NGM\npNxGameeu.dll (Nexon) FF Plugin: @pack.google.com/Google Updater;version=14 -> D:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google) FF Plugin: @pandonetworks.com/PandoWebPlugin -> D:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF Plugin: @tools.google.com/Google Update;version=3 -> D:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> D:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @zylom.com/ZylomGamesPlayer -> D:\Documents and Settings\All Users\Dane aplikacji\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom) FF Plugin HKU\S-1-5-21-1078081533-299502267-839522115-1003: @acestream.net/acestreamplugin,version=3.0.1 -> D:\Documents and Settings\Kuba i Michał\Dane aplikacji\ACEStream\player\npace_plugin.dll (Innovative Digital Technologies) FF Plugin HKU\S-1-5-21-1078081533-299502267-839522115-1003: @powerchallenge.com/PowerLoader -> D:\DOCUME~1\KUBAIM~1\DANEAP~1\POWERC~1\nppowerloader.dll (Power Challenge Sweden AB) FF Plugin HKU\S-1-5-21-1078081533-299502267-839522115-1003: @talk.google.com/GoogleTalkPlugin -> D:\Documents and Settings\Kuba i Michał\Dane aplikacji\Mozilla\plugins\npgoogletalk.dll (Google) FF Plugin HKU\S-1-5-21-1078081533-299502267-839522115-1003: @talk.google.com/O1DPlugin -> D:\Documents and Settings\Kuba i Michał\Dane aplikacji\Mozilla\plugins\npo1d.dll (Google) FF Plugin HKU\S-1-5-21-1078081533-299502267-839522115-1003: @tools.google.com/Google Update;version=3 -> D:\Documents and Settings\Kuba i Michał\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKU\S-1-5-21-1078081533-299502267-839522115-1003: @tools.google.com/Google Update;version=9 -> D:\Documents and Settings\Kuba i Michał\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKU\S-1-5-21-1078081533-299502267-839522115-1003: @unity3d.com/UnityPlayer,version=1.0 -> D:\Documents and Settings\Kuba i Michał\Ustawienia lokalne\Dane aplikacji\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF Plugin HKU\S-1-5-21-1078081533-299502267-839522115-1003: electronicarts.com/GameFacePlugin -> D:\Documents and Settings\Kuba i Michał\Dane aplikacji\Electronic Arts\Game Face\npGameFacePlugin.dll (Electronic Arts) FF Plugin HKU\S-1-5-21-1078081533-299502267-839522115-1003: pandonetworks.com/PandoWebPlugin -> D:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF Plugin ProgramFiles/Appdata: D:\Documents and Settings\Kuba i Michał\Dane aplikacji\mozilla\plugins\npgoogletalk.dll (Google) FF Plugin ProgramFiles/Appdata: D:\Documents and Settings\Kuba i Michał\Dane aplikacji\mozilla\plugins\npo1d.dll (Google) Chrome: ======= CHR HomePage: Default -> hxxp://www.gazeta.pl/0,0.html?p=180&d=20140612 CHR StartupUrls: Default -> "hxxp://www.gazeta.pl/0,0.html?p=180&d=20140612" CHR Plugin: (Widevine Content Decryption Module) - D:\Documents and Settings\Kuba i Michał\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\WidevineCDM\1.4.6.703\_platform_specific\win_x86\widevinecdmadapter.dll (Google Inc.) CHR Plugin: (Shockwave Flash) - D:\Program Files\Google\Chrome\Application\40.0.2214.115\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - D:\Program Files\Google\Chrome\Application\40.0.2214.115\internal-nacl-plugin No File CHR Plugin: (Chrome PDF Viewer) - D:\Program Files\Google\Chrome\Application\40.0.2214.115\pdf.dll () CHR Plugin: (Microsoft® DRM) - D:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation) CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - D:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.)) CHR Plugin: (Microsoft® DRM) - D:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation) CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) CHR Plugin: (Power Challenge Loader) - D:\DOCUME~1\KUBAIM~1\DANEAP~1\POWERC~1\nppowerloader.dll (Power Challenge Sweden AB) CHR Plugin: (Nexon Game Controller) - D:\Documents and Settings\All Users\Dane aplikacji\NexonEU\NGM\npNxGameeu.dll (Nexon) CHR Plugin: (Zylom Plugin) - D:\Documents and Settings\All Users\Dane aplikacji\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom) CHR Plugin: (Ace Stream P2P Multimedia Plug-in) - D:\Documents and Settings\Kuba i Michał\Dane aplikacji\ACEStream\player\npace_plugin.dll (Innovative Digital Technologies) CHR Plugin: (Game Face Plugin) - D:\Documents and Settings\Kuba i Michał\Dane aplikacji\Electronic Arts\Game Face\npGameFacePlugin.dll (Electronic Arts) CHR Plugin: (Google Talk Plugin) - D:\Documents and Settings\Kuba i Michał\Dane aplikacji\Mozilla\plugins\npgoogletalk.dll (Google) CHR Plugin: (Google Talk Plugin Video Renderer) - D:\Documents and Settings\Kuba i Michał\Dane aplikacji\Mozilla\plugins\npo1d.dll (Google) CHR Plugin: (Unity Player) - D:\Documents and Settings\Kuba i Michał\Ustawienia lokalne\Dane aplikacji\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) CHR Plugin: (DNA Plug-in) - D:\Program Files\DNA\plugins\npbtdna.dll (BitTorrent, Inc.) CHR Plugin: (DivX Player Netscape Plugin) - D:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc) CHR Plugin: (DivX Web Player) - D:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.) CHR Plugin: (Google Earth Plugin) - D:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) CHR Plugin: (Google Updater) - D:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google) CHR Plugin: (Google Update) - D:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.) CHR Plugin: (Silverlight Plug-In) - D:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) CHR Plugin: (Pando Web Plugin) - D:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) CHR Plugin: (Windows Presentation Foundation) - D:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) CHR Plugin: (Shockwave Flash) - D:\WINDOWS\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll () CHR Plugin: (Java Deployment Toolkit 7.0.50.255) - D:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation) CHR Profile: D:\Documents and Settings\Kuba i Michał\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default CHR Extension: (Google Slides) - D:\Documents and Settings\Kuba i Michał\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-27] CHR Extension: (Google Docs) - D:\Documents and Settings\Kuba i Michał\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-27] CHR Extension: (Google Drive) - D:\Documents and Settings\Kuba i Michał\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-27] CHR Extension: (YouTube) - D:\Documents and Settings\Kuba i Michał\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-27] CHR Extension: (Google Search) - D:\Documents and Settings\Kuba i Michał\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-02-27] CHR Extension: (Google Sheets) - D:\Documents and Settings\Kuba i Michał\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-27] CHR Extension: (Google Wallet) - D:\Documents and Settings\Kuba i Michał\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-20] CHR Extension: (Gmail) - D:\Documents and Settings\Kuba i Michał\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-02-27] CHR HKLM\...\Chrome\Extension: [pkijdmeepjhpenmighhaodgfoogncnlk] - E:\Program Files\Offline Explorer\mpoe.crx [2013-02-01] ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 ABBYY.Licensing.FineReader.Professional.11.0; E:\Program Files\ABBYY FineReader 11\NetworkLicenseServer.exe [821048 2013-06-17] (ABBYY InfoPoisk LLC) S4 ABBYY.Licensing.FineReader.Professional.9.0; D:\Program Files\ABBYY FineReader 9.0\NetworkLicenseServer.exe [566560 2007-09-24] (ABBYY (BIT Software)) R2 AVGIDSAgent; D:\Program Files\AVG\AVG2015\avgidsagent.exe [3364368 2014-09-05] (AVG Technologies CZ, s.r.o.) R2 avgwd; D:\Program Files\AVG\AVG2015\avgwdsvc.exe [293448 2014-09-05] (AVG Technologies CZ, s.r.o.) S2 BstHdAndroidSvc; D:\Program Files\BlueStacks\HD-Service.exe [409304 2014-08-13] (BlueStack Systems, Inc.) R2 BstHdLogRotatorSvc; D:\Program Files\BlueStacks\HD-LogRotatorService.exe [384728 2014-08-13] (BlueStack Systems, Inc.) R2 BstHdUpdaterSvc; D:\Program Files\BlueStacks\HD-UpdaterService.exe [777944 2014-08-13] (BlueStack Systems, Inc.) S4 DroidExplorerService; D:\Program Files\Droid Explorer\DroidExplorer.Service.exe [255488 2012-10-14] (Ryan Conrad) [File not signed] R2 EPSON_EB_RPCV4_01; D:\Documents and Settings\All Users\Dane aplikacji\EPSON\EPW!3 SSRP\E_S40ST7.EXE [143872 2007-12-17] (SEIKO EPSON CORPORATION) R2 EPSON_PM_RPCV4_01; D:\Documents and Settings\All Users\Dane aplikacji\EPSON\EPW!3 SSRP\E_S40RP7.EXE [113664 2007-01-11] (SEIKO EPSON CORPORATION) S2 gupdate1c9b159953381da; D:\Program Files\Google\Update\GoogleUpdate.exe [107912 2014-10-18] (Google Inc.) S3 IDriverT; D:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed] R3 IISADMIN; D:\WINDOWS\system32\inetsrv\inetinfo.exe [15872 2008-04-15] (Microsoft Corporation) S3 IJPLMSVC; D:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [99936 2006-11-10] () R2 InCDsrv; D:\Program Files\Ahead\InCD\InCDsrv.exe [871424 2005-07-08] (Nero AG) [File not signed] R2 Iprip; D:\WINDOWS\System32\iprip.dll [35328 2008-04-15] (Microsoft Corporation) R2 KMWDSERVICE; D:\Program Files\Multimedia Keyboard & Mouse Driver\V5\KMWDSrv.exe [2179072 2007-05-08] (UASSOFT.COM) [File not signed] R2 libusbd; D:\WINDOWS\System32\libusbd-nt.exe [18944 2005-03-09] (http://libusb-win32.sourceforge.net) [File not signed] S3 LPDSVC; D:\WINDOWS\System32\tcpsvcs.exe [19456 2008-04-15] (Microsoft Corporation) S3 Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [30785672 2012-09-20] (Microsoft Corporation) S3 npggsvc; D:\WINDOWS\system32\GameMon.des [3882096 2012-10-15] (INCA Internet Co., Ltd.) R2 OMSI download service; C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [90112 2009-04-30] () [File not signed] R2 PCToolsSSDMonitorSvc; D:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe [583640 2010-08-05] (PC Tools) S4 PDAgent; D:\Program Files\Raxco\PDFree\PDAgent.exe [1346312 2012-03-28] (Raxco Software, Inc.) S4 PDEngine; D:\Program Files\Common Files\Raxco\Shared\PDEngine.exe [2117384 2012-03-28] (Raxco Software, Inc.) R2 PDF Architect Helper Service; D:\Program Files\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH) R2 PDF Architect Service; D:\Program Files\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH) S4 PnkBstrA; D:\WINDOWS\system32\PnkBstrA.exe [75136 2014-01-25] () S3 SCardDrv; D:\WINDOWS\System32\SCardSvr.exe [98304 2008-04-15] (Microsoft Corporation) R2 SMTPSVC; D:\WINDOWS\System32\inetsrv\inetinfo.exe [15872 2008-04-15] (Microsoft Corporation) S4 SSDPSRV; D:\WINDOWS\system32\svchost.exe [14336 2008-04-15] (Microsoft Corporation) S3 usprserv; D:\WINDOWS\System32\svchost.exe [14336 2008-04-15] (Microsoft Corporation) R2 VMAuthdService; E:\Program Files\vmware-authd.exe [86744 2014-10-29] (VMware, Inc.) R2 VMnetDHCP; D:\WINDOWS\system32\vmnetdhcp.exe [359128 2014-10-29] (VMware, Inc.) R2 VMUSBArbService; D:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe [722624 2014-02-27] (VMware, Inc.) R2 VMware NAT Service; D:\WINDOWS\system32\vmnat.exe [437976 2014-10-29] (VMware, Inc.) R2 W3SVC; D:\WINDOWS\system32\inetsrv\inetinfo.exe [15872 2008-04-15] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S3 Ambfilt; D:\WINDOWS\System32\drivers\Ambfilt.sys [1691480 2009-11-18] (Creative) R1 AmdK8; D:\WINDOWS\System32\DRIVERS\AmdK8.sys [43520 2006-06-18] (Advanced Micro Devices) S3 andnetadb; D:\WINDOWS\System32\Drivers\lgandnetadb.sys [25856 2011-09-06] (Google Inc) S3 AndNetDiag; D:\WINDOWS\System32\DRIVERS\lgandnetdiag.sys [23040 2011-09-05] (LG Electronics Inc.) S3 ANDNetModem; D:\WINDOWS\System32\DRIVERS\lgandnetmodem.sys [27776 2011-09-05] (LG Electronics Inc.) S3 andnetndis; D:\WINDOWS\System32\DRIVERS\lgandnetndis.sys [70400 2011-09-16] (LG Electronics Inc.) R2 atksgt; D:\WINDOWS\System32\DRIVERS\atksgt.sys [278984 2010-08-31] () R1 Avgdiskx; D:\WINDOWS\System32\DRIVERS\avgdiskx.sys [121624 2014-06-18] (AVG Technologies CZ, s.r.o.) R1 AVGIDSDriverl; D:\WINDOWS\System32\DRIVERS\avgidsdriverlx.sys [192280 2014-07-24] (AVG Technologies CZ, s.r.o.) R0 AVGIDSHX; D:\WINDOWS\System32\DRIVERS\avgidshx.sys [147736 2014-06-18] (AVG Technologies CZ, s.r.o.) R1 AVGIDSShim; D:\WINDOWS\System32\DRIVERS\avgidsshimx.sys [21272 2014-06-18] (AVG Technologies CZ, s.r.o.) R1 Avgldx86; D:\WINDOWS\System32\DRIVERS\avgldx86.sys [193304 2014-08-20] (AVG Technologies CZ, s.r.o.) R0 Avglogx; D:\WINDOWS\System32\DRIVERS\avglogx.sys [230680 2014-07-18] (AVG Technologies CZ, s.r.o.) R0 Avgmfx86; D:\WINDOWS\System32\DRIVERS\avgmfx86.sys [98584 2014-08-06] (AVG Technologies CZ, s.r.o.) R0 Avgrkx86; D:\WINDOWS\System32\DRIVERS\avgrkx86.sys [27416 2014-06-18] (AVG Technologies CZ, s.r.o.) R1 Avgtdix; D:\WINDOWS\System32\DRIVERS\avgtdix.sys [199448 2014-07-02] (AVG Technologies CZ, s.r.o.) R1 avgtp; D:\WINDOWS\system32\drivers\avgtpx86.sys [43296 2014-12-09] (AVG Technologies) R2 BstHdDrv; D:\Program Files\BlueStacks\HD-Hypervisor-x86.sys [112344 2014-08-13] (BlueStack Systems) R0 BtHidBus; D:\WINDOWS\System32\Drivers\BtHidBus.sys [20104 2010-04-06] (IVT Corporation.) R3 BTHidEnum; D:\WINDOWS\System32\DRIVERS\vbtenum.sys [11860 2005-04-30] () [File not signed] R0 BTHidMgr; D:\WINDOWS\System32\Drivers\BTHidMgr.sys [28271 2005-04-30] (IVT Corporation) [File not signed] R3 btkrnl; D:\WINDOWS\System32\DRIVERS\btkrnl.sys [853258 2005-08-29] (Broadcom Corporation.) [File not signed] S3 btnetBUs; D:\WINDOWS\System32\Drivers\btnetBus.sys [25864 2010-04-06] () S3 CCDECODE; D:\WINDOWS\System32\DRIVERS\CCDECODE.sys [16384 2004-07-09] (Microsoft Corporation) R2 cpuz133; D:\WINDOWS\system32\drivers\cpuz133_x32.sys [20968 2010-03-30] (Windows (R) Win 7 DDK provider) R2 DefragFS; D:\WINDOWS\system32\Drivers\DefragFS.sys [138768 2011-12-02] (Raxco Software, Inc.) S0 dmio; D:\WINDOWS\System32\DRIVERS\dmio.sys [153856 2008-04-15] (Microsoft Corp., Veritas Software) [File not signed] S3 DrvAgent32; D:\WINDOWS\system32\Drivers\DrvAgent32.sys [23456 2010-06-17] (Phoenix Technologies) [File not signed] R1 dtsoftbus01; D:\WINDOWS\System32\DRIVERS\dtsoftbus01.sys [242240 2013-02-01] (DT Soft Ltd) R2 EIO1; D:\WINDOWS\system32\drivers\EIO1.sys [12800 2008-01-18] (ASUSTeK Computer Inc.) [File not signed] S3 gdrv; D:\WINDOWS\gdrv.sys [15600 2010-12-06] (Windows (R) 2000 DDK provider) S3 GT72NDISIPXP; D:\WINDOWS\System32\DRIVERS\Gt51Ip.sys [95744 2007-11-13] (Option NV) S3 GT72UBUS; D:\WINDOWS\System32\DRIVERS\gt72ubus.sys [51968 2007-11-13] (Option N.V.) R3 GTPTSER; D:\WINDOWS\System32\DRIVERS\gtptser.sys [8064 2007-11-13] (Option N.V.) R2 hcmon; D:\WINDOWS\system32\drivers\hcmon.sys [43840 2014-02-27] (VMware, Inc.) S3 HdAudAddService; D:\WINDOWS\System32\drivers\AtiHdAud.sys [84992 2006-12-28] (ATI Research Inc.) S3 HidNt; D:\WINDOWS\System32\DRIVERS\HIDNt.sys [18992 2008-04-18] (Microsoft Corporation) [File not signed] R4 InCDfs; D:\WINDOWS\system32\Drivers\InCDfs.sys [99584 2005-07-08] (Nero AG) [File not signed] R1 InCDPass; D:\WINDOWS\System32\DRIVERS\InCDPass.sys [29696 2005-07-08] (Nero AG) [File not signed] U1 InCDrec; D:\WINDOWS\system32\Drivers\InCDrec.sys [8704 2005-07-08] (Nero AG) [File not signed] R1 incdrm; D:\WINDOWS\system32\Drivers\incdrm.sys [28672 2005-07-08] (Nero AG) [File not signed] S3 IRENUM; D:\WINDOWS\System32\DRIVERS\irenum.sys [10496 2001-08-17] (Microsoft Corporation) [File not signed] R3 IvtBtBUs; D:\WINDOWS\System32\Drivers\IvtBtBus.sys [23048 2010-04-06] (IVT Corporation.) R2 LANPkt; D:\WINDOWS\System32\DRIVERS\LANPkt.sys [8440 2003-09-17] (Windows (R) 2000 DDK provider) [File not signed] R3 libusb0; D:\WINDOWS\System32\drivers\libusb0.sys [33792 2005-03-09] () [File not signed] R2 lirsgt; D:\WINDOWS\System32\DRIVERS\lirsgt.sys [25416 2010-08-31] () S3 Mac606; D:\WINDOWS\System32\DRIVERS\Mac606.sys [26672 2008-04-18] () [File not signed] S3 Monfilt; D:\WINDOWS\System32\drivers\Monfilt.sys [1395800 2009-11-18] (Creative Technology Ltd.) S3 MotioninJoyXFilter; D:\WINDOWS\System32\DRIVERS\MijXfilt.sys [81168 2011-01-01] (MotioninJoy) S3 MSIRCOMM; D:\WINDOWS\System32\DRIVERS\MSIRCOMM.sys [20096 2001-08-17] (Microsoft Corporation) [File not signed] S3 NdisIP; D:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2009-06-30] (Microsoft Corporation) S3 NPPTNT2; D:\WINDOWS\system32\npptNT2.sys [4682 2005-01-03] (INCA Internet Co., Ltd.) [File not signed] R0 nvata; D:\WINDOWS\System32\DRIVERS\nvata.sys [105472 2006-10-18] (NVIDIA Corporation) R3 NVENETFD; D:\WINDOWS\System32\DRIVERS\NVENETFD.sys [58368 2006-11-27] (NVIDIA Corporation) R3 nvnetbus; D:\WINDOWS\System32\DRIVERS\nvnetbus.sys [19968 2006-11-27] (NVIDIA Corporation) S3 PCAMPR5; D:\WINDOWS\system32\PCAMPR5.SYS [34688 2008-01-21] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed] S3 PCANDIS5; D:\WINDOWS\system32\PCANDIS5.SYS [32128 2008-01-21] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed] R3 pcouffin; D:\WINDOWS\System32\Drivers\pcouffin.sys [47360 2009-03-31] (VSO Software) [File not signed] R0 PCTCore; D:\WINDOWS\System32\drivers\PCTCore.sys [207280 2009-09-23] (PC Tools) R3 pfc; D:\WINDOWS\System32\drivers\pfc.sys [10368 2003-12-05] (Padus, Inc.) [File not signed] S3 PPJoyBus; D:\WINDOWS\System32\drivers\PPJoyBus.sys [13952 2004-10-24] (Deon van der Westhuysen) [File not signed] S3 PPortJoystick; D:\WINDOWS\System32\drivers\PPortJoy.sys [28800 2004-10-24] (Deon van der Westhuysen) [File not signed] R3 Rasirda; D:\WINDOWS\System32\DRIVERS\rasirda.sys [19584 2001-08-17] (Microsoft Corporation) S3 rtl8139; D:\WINDOWS\System32\DRIVERS\R8139n51.SYS [46976 2002-10-04] (Realtek Semiconductor Corporation ) S3 s0016bus; D:\WINDOWS\System32\DRIVERS\s0016bus.sys [89256 2008-05-16] (MCCI Corporation) S3 s0016mdfl; D:\WINDOWS\System32\DRIVERS\s0016mdfl.sys [15016 2008-05-16] (MCCI Corporation) S3 s0016mdm; D:\WINDOWS\System32\DRIVERS\s0016mdm.sys [120744 2008-05-16] (MCCI Corporation) S3 s0016mgmt; D:\WINDOWS\System32\DRIVERS\s0016mgmt.sys [114216 2008-05-16] (MCCI Corporation) S3 s0016nd5; D:\WINDOWS\System32\DRIVERS\s0016nd5.sys [25512 2008-05-16] (MCCI Corporation) S3 s0016obex; D:\WINDOWS\System32\DRIVERS\s0016obex.sys [110632 2008-05-16] (MCCI Corporation) S3 s0016unic; D:\WINDOWS\System32\DRIVERS\s0016unic.sys [115752 2008-05-16] (MCCI Corporation) S3 s1039mdm; D:\WINDOWS\System32\DRIVERS\s1039mdm.sys [124016 2010-03-01] (MCCI Corporation) R0 sfsync03; D:\WINDOWS\System32\drivers\sfsync03.sys [35328 2005-12-06] (Protection Technology) [File not signed] R0 sfsync04; D:\WINDOWS\System32\drivers\sfsync04.sys [59264 2006-06-14] (Protection Technology (StarForce)) R0 sfvfs02; D:\WINDOWS\System32\drivers\sfvfs02.sys [63488 2005-11-03] (Protection Technology) [File not signed] R0 sptd; D:\WINDOWS\System32\Drivers\sptd.sys [320120 2014-04-02] (Duplex Secure Ltd.) R1 Tcpip; D:\WINDOWS\System32\DRIVERS\tcpip.sys [361600 2008-06-20] (Microsoft Corporation) [File not signed] S3 TVICHW32; D:\WINDOWS\system32\DRIVERS\TVICHW32.SYS [23600 2009-08-24] (EnTech Taiwan) [File not signed] R2 Vcs; D:\WINDOWS\system32\Drivers\Vcs.sys [6852 2004-11-14] () [File not signed] R3 vmkbd; D:\WINDOWS\system32\drivers\VMkbd.sys [26456 2014-10-29] (VMware, Inc.) R3 VMnetAdapter; D:\WINDOWS\System32\DRIVERS\vmnetadapter.sys [17104 2014-10-29] (VMware, Inc.) R2 VMnetBridge; D:\WINDOWS\System32\DRIVERS\vmnetbridge.sys [35032 2014-10-29] (VMware, Inc.) R2 VMnetuserif; D:\WINDOWS\system32\drivers\vmnetuserif.sys [26968 2014-10-29] (VMware, Inc.) R2 VMparport; D:\WINDOWS\system32\Drivers\VMparport.sys [24920 2014-10-29] (VMware, Inc.) S3 vmusb; D:\WINDOWS\System32\DRIVERS\vmusb.sys [32320 2014-02-27] (VMware, Inc.) R2 vmx86; D:\WINDOWS\system32\Drivers\vmx86.sys [66136 2014-10-29] (VMware, Inc.) R0 vsock; D:\WINDOWS\System32\drivers\vsock.sys [63824 2013-10-08] (VMware, Inc.) S3 vulfnths; D:\WINDOWS\System32\Drivers\vulfnth.sys [6912 2005-01-05] (VIA Technologies, Inc.) [File not signed] S3 vulfntrs; D:\WINDOWS\System32\Drivers\vulfntr.sys [11264 2005-06-06] (VIA Technologies, Inc.) [File not signed] S3 wceusbsh; D:\WINDOWS\System32\DRIVERS\wceusbsh.sys [28672 2006-11-06] (Microsoft Corporation) S4 IntelIde; No ImagePath U5 ScsiPort; D:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-15] (Microsoft Corporation) U3 a1j3q0is; No ImagePath ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-02-27 13:26 - 2015-02-27 13:26 - 00000000 ____D () D:\Documents and Settings\Kuba i Michał\Pulpit\Stare dane programu Firefox 2015-02-27 12:56 - 2012-07-05 21:06 - 00772544 _____ (Oracle Corporation) D:\WINDOWS\system32\npDeployJava1.dll 2015-02-27 12:56 - 2012-07-05 21:06 - 00687544 _____ (Oracle Corporation) D:\WINDOWS\system32\deployJava1.dll 2015-02-27 12:20 - 2015-02-27 12:20 - 00000000 ____D () D:\Program Files\PS3 Media Server 2015-02-27 12:11 - 2015-02-27 12:11 - 00150750 _____ () D:\Documents and Settings\Kuba i Michał\Pulpit\bez tytułu3.bmp 2015-02-27 12:09 - 2015-02-27 12:09 - 00001880 _____ () D:\WINDOWS\bitssetup.log 2015-02-27 12:04 - 2015-02-27 12:04 - 00207856 _____ () D:\Documents and Settings\Kuba i Michał\Pulpit\AVGWebTuneUp.exe 2015-02-26 22:17 - 2015-02-26 22:17 - 00609078 _____ () D:\Documents and Settings\Kuba i Michał\Pulpit\bez tytułu2.bmp 2015-02-26 22:12 - 2015-02-26 22:12 - 00596852 _____ () D:\Documents and Settings\Kuba i Michał\Pulpit\Shortcut.txt 2015-02-26 22:08 - 2015-02-26 22:13 - 00103778 _____ () D:\Documents and Settings\Kuba i Michał\Pulpit\Addition.txt 2015-02-26 22:07 - 2015-02-27 13:31 - 00031823 _____ () D:\Documents and Settings\Kuba i Michał\Pulpit\FRST.txt 2015-02-26 22:06 - 2015-02-26 22:06 - 01127424 _____ (Farbar) D:\Documents and Settings\Kuba i Michał\Pulpit\FRST.exe 2015-02-26 21:00 - 2015-02-27 13:30 - 00000000 ____D () D:\FRST 2015-02-25 21:46 - 2015-02-25 21:46 - 00010793 _____ () D:\Documents and Settings\Kuba i Michał\.recently-used.xbel 2015-02-25 21:00 - 2015-02-27 13:14 - 00000000 ____D () D:\Program Files\Mozilla Firefox 2015-02-21 16:17 - 2015-02-21 16:17 - 00000000 __SHD () D:\found.002 2015-02-15 12:35 - 2015-02-15 12:35 - 00001435 _____ () D:\Documents and Settings\Kuba i Michał\Pulpit\2.log 2015-02-14 21:39 - 2015-02-14 21:39 - 00380416 _____ () D:\Documents and Settings\Kuba i Michał\Pulpit\yl4nt1bx.exe 2015-02-12 16:34 - 2015-02-12 17:23 - 00409600 _____ () D:\Documents and Settings\Kuba i Michał\Pulpit\dziennik.mdb 2015-02-10 21:43 - 2015-02-10 21:46 - 00000000 ____D () D:\Documents and Settings\Kuba i Michał\Pulpit\Zdjęcia z poczty 2015-02-10 19:42 - 2015-02-10 16:07 - 180081727 ____N () D:\Documents and Settings\Kuba i Michał\Pulpit\20150210_160518.mp4 2015-02-10 18:20 - 2015-02-10 18:28 - 00000000 ____D () D:\Documents and Settings\Kuba i Michał\Pulpit\E-wyciąg 2015-02-08 14:27 - 2015-02-08 14:27 - 00000753 _____ () D:\Documents and Settings\Kuba i Michał\Ustawienia lokalne\Dane aplikacji\recently-used.xbel 2015-02-08 14:00 - 2015-02-08 14:27 - 00000000 ____D () D:\Documents and Settings\Kuba i Michał\.dia 2015-02-08 14:00 - 2015-02-08 14:00 - 00000000 ____D () D:\Documents and Settings\All Users\Menu Start\Programy\Dia 2015-02-08 13:52 - 2015-02-08 13:52 - 19620143 _____ (The Dia Developers) D:\Documents and Settings\Kuba i Michał\Pulpit\dia-setup-0.97.2-2-unsigned.exe 2015-02-08 13:40 - 2015-02-08 14:26 - 00012268 _____ () D:\Documents and Settings\Kuba i Michał\Pulpit\Diagram30.dia 2015-02-08 13:40 - 2015-02-02 12:08 - 00048553 ____N () D:\Documents and Settings\Kuba i Michał\Pulpit\3a12-VLSM.odt 2015-02-08 13:40 - 2015-02-02 12:08 - 00008569 _____ () D:\Documents and Settings\Kuba i Michał\Pulpit\Diagram30.dia~ 2015-02-08 13:38 - 2015-02-08 13:38 - 00055637 _____ () D:\Documents and Settings\Kuba i Michał\Pulpit\asdasd.zip 2015-02-07 16:12 - 2015-02-20 16:57 - 00001831 _____ () D:\Documents and Settings\All Users\Pulpit\Google Chrome.lnk 2015-02-07 16:12 - 2015-02-07 16:12 - 00000000 ____D () D:\Documents and Settings\All Users\Menu Start\Programy\Google Chrome 2015-02-07 16:10 - 2015-02-07 16:10 - 00880208 _____ (Google Inc.) D:\Documents and Settings\Kuba i Michał\Pulpit\ChromeSetup.exe 2015-02-07 13:14 - 2015-02-07 13:15 - 00000000 ____D () D:\Documents and Settings\Kuba i Michał\Pulpit\pendrive 2015-02-07 12:06 - 2015-02-07 12:44 - 00000000 ____D () D:\Documents and Settings\Kuba i Michał\Dane aplikacji\PIT Projekt 2014 2015-02-07 12:06 - 2015-02-07 12:09 - 00000000 ____D () D:\Program Files\PIT Projekt 2014 2015-02-07 12:06 - 2015-02-07 12:06 - 00000831 _____ () D:\Documents and Settings\All Users\Pulpit\PIT Projekt 2014.lnk 2015-02-07 12:06 - 2015-02-07 12:06 - 00000000 ____D () D:\Documents and Settings\All Users\Menu Start\Programy\GP SOFT 2015-02-07 11:49 - 2015-02-07 11:50 - 23532312 _____ (e-file sp. z o.o. ) D:\Documents and Settings\Kuba i Michał\Pulpit\setup_e-pity2014.exe 2015-02-05 20:38 - 2015-02-05 20:38 - 05070512 _____ (Adobe Systems Incorporated) D:\WINDOWS\system32\FlashPlayerInstaller.exe 2015-02-04 20:46 - 2015-02-04 20:46 - 00065536 _____ () D:\WINDOWS\Minidump\Mini020415-01.dmp 2015-02-02 13:05 - 2015-02-02 13:05 - 00000000 ____D () D:\Documents and Settings\All Users\Dane aplikacji\Avanquest ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-02-27 13:31 - 2010-12-05 21:07 - 00000000 ____D () D:\Documents and Settings\Kuba i Michał\Ustawienia lokalne\temp 2015-02-27 13:30 - 2009-03-16 21:48 - 00000000 ____D () D:\Documents and Settings\Kuba i Michał\Dane aplikacji\uTorrent 2015-02-27 13:30 - 2009-03-16 21:02 - 00000000 ____D () D:\Documents and Settings\Kuba i Michał\Pulpit 2015-02-27 13:26 - 2009-03-16 04:43 - 00000000 ____D () D:\WINDOWS\system32\inetsrv 2015-02-27 13:24 - 2010-08-29 11:14 - 01924766 _____ () D:\WINDOWS\WindowsUpdate.log 2015-02-27 13:23 - 2012-11-04 09:21 - 00000000 ____D () D:\Documents and Settings\LocalService\Dane aplikacji\VMware 2015-02-27 13:23 - 2012-11-03 18:55 - 00000000 ____D () D:\Documents and Settings\All Users\Dane aplikacji\VMware 2015-02-27 13:23 - 2009-03-16 21:02 - 00000000 __SHD () D:\Documents and Settings\Kuba i Michał\Ustawienia lokalne\Historia 2015-02-27 13:22 - 2011-07-30 08:08 - 00001032 _____ () D:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2015-02-27 13:22 - 2009-04-06 11:05 - 00000159 _____ () D:\WINDOWS\wiadebug.log 2015-02-27 13:22 - 2009-04-06 11:05 - 00000050 _____ () D:\WINDOWS\wiaservc.log 2015-02-27 13:22 - 2009-03-16 20:58 - 00000006 ____H () D:\WINDOWS\Tasks\SA.DAT 2015-02-27 13:17 - 2011-02-21 12:10 - 00032486 _____ () D:\WINDOWS\SchedLgU.Txt 2015-02-27 13:17 - 2011-01-22 14:57 - 00393216 _____ () D:\WINDOWS\system32\config\ACEEvent.evt 2015-02-27 13:17 - 2009-03-16 21:02 - 00000188 ___SH () D:\Documents and Settings\Kuba i Michał\ntuser.ini 2015-02-27 13:15 - 2009-03-16 21:01 - 00000000 ___HD () D:\Documents and Settings\NetworkService\Ustawienia lokalne\Historia 2015-02-27 13:15 - 2009-03-16 21:01 - 00000000 ___HD () D:\Documents and Settings\LocalService\Ustawienia lokalne\Historia 2015-02-27 13:14 - 2009-03-16 22:22 - 00000000 ____D () D:\WINDOWS\pss 2015-02-27 13:14 - 2009-03-16 03:48 - 00000000 ___HD () D:\Documents and Settings\All Users\Dane aplikacji 2015-02-27 13:13 - 2009-03-16 03:48 - 00000000 ____D () D:\Documents and Settings\All Users\Menu Start\Programy 2015-02-27 13:10 - 2009-03-30 10:54 - 00000000 ____D () D:\Documents and Settings\All Users\Menu Start\Programy\Aspyr 2015-02-27 13:06 - 2009-03-17 13:37 - 00000000 ____D () D:\Program Files\Asprate 2015-02-27 13:03 - 2011-06-09 19:40 - 00000000 ____D () D:\Program Files\Opera 2015-02-27 13:01 - 2010-03-13 22:19 - 00000000 ____D () D:\Program Files\OpenOffice.org 3 2015-02-27 13:01 - 2009-03-16 03:48 - 00000000 ___HD () D:\Documents and Settings\All Users\Szablony 2015-02-27 12:59 - 2011-10-18 17:10 - 00001164 _____ () D:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1078081533-299502267-839522115-1003UA.job 2015-02-27 12:56 - 2012-08-19 19:48 - 00000000 ____D () D:\Program Files\Oracle 2015-02-27 12:56 - 2009-04-04 15:17 - 00000000 ____D () D:\Program Files\Java 2015-02-27 12:55 - 2011-07-30 08:08 - 00001036 _____ () D:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2015-02-27 12:38 - 2013-12-19 11:23 - 00000930 _____ () D:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2015-02-27 12:35 - 2011-06-10 12:09 - 00000000 ____D () D:\Documents and Settings\Kuba i Michał\.smplayer 2015-02-27 12:32 - 2013-05-12 15:47 - 00000000 ____D () D:\Documents and Settings\All Users\PMS 2015-02-27 12:23 - 2014-12-22 11:12 - 00935179 _____ () D:\WINDOWS\setupapi.log 2015-02-27 12:22 - 2014-12-29 14:15 - 00009043 _____ () D:\WINDOWS\setupact.log 2015-02-27 12:14 - 2009-03-31 11:49 - 00000000 ____D () D:\WINDOWS\system32\Adobe 2015-02-27 12:14 - 2009-03-16 21:42 - 00000000 ____D () D:\Documents and Settings\Kuba i Michał\Dane aplikacji\Macromedia 2015-02-27 12:14 - 2009-03-16 21:42 - 00000000 ____D () D:\Documents and Settings\Kuba i Michał\Dane aplikacji\Adobe 2015-02-27 12:14 - 2009-03-16 21:02 - 00000000 ___RD () D:\Documents and Settings\Kuba i Michał\Menu Start\Programy 2015-02-27 12:14 - 2009-03-16 21:02 - 00000000 ___RD () D:\Documents and Settings\Kuba i Michał\Menu Start 2015-02-27 12:14 - 2009-03-16 20:57 - 00000000 ____D () D:\WINDOWS\system32\Macromed 2015-02-27 12:13 - 2010-05-24 15:45 - 00000000 ____D () D:\Documents and Settings\All Users\Dane aplikacji\Adobe 2015-02-27 12:13 - 2009-03-31 11:49 - 00000000 ____D () D:\Program Files\Common Files\Adobe 2015-02-27 12:13 - 2009-03-31 11:49 - 00000000 ____D () D:\Program Files\Adobe 2015-02-27 12:12 - 2014-08-15 09:13 - 00000000 ____D () D:\Documents and Settings\Kuba i Michał\Ustawienia lokalne\Dane aplikacji\Adobe 2015-02-26 22:13 - 2009-03-17 14:58 - 00001324 _____ () D:\WINDOWS\system32\d3d9caps.dat 2015-02-26 21:53 - 2009-03-16 03:48 - 00000000 ____D () D:\Documents and Settings\All Users\Pulpit 2015-02-26 17:20 - 2012-07-17 19:32 - 00000000 ____D () D:\Documents and Settings\All Users\Dane aplikacji\MFAData 2015-02-26 14:59 - 2011-10-18 17:10 - 00001112 _____ () D:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1078081533-299502267-839522115-1003Core.job 2015-02-26 10:26 - 2012-04-25 07:14 - 00000000 ____D () D:\Program Files\Mozilla Maintenance Service 2015-02-25 21:46 - 2009-04-22 22:41 - 00000000 ____D () D:\Documents and Settings\Kuba i Michał\.gimp-2.6 2015-02-25 21:46 - 2009-03-16 21:02 - 00000000 ____D () D:\Documents and Settings\Kuba i Michał 2015-02-25 21:24 - 2012-08-20 18:51 - 00000000 ____D () D:\Documents and Settings\Kuba i Michał\Ustawienia lokalne\Dane aplikacji\ChomikBox 2015-02-25 21:24 - 2009-08-15 12:09 - 00000000 ____D () D:\Documents and Settings\Kuba i Michał\Ustawienia lokalne\Dane aplikacji\Temp 2015-02-25 21:24 - 2009-05-31 21:02 - 00000000 ____D () D:\Documents and Settings\Kuba i Michał\.gstreamer-0.10 2015-02-25 10:55 - 2001-07-21 23:17 - 00002284 _____ () D:\WINDOWS\system32\wpa.dbl 2015-02-24 13:39 - 2011-06-29 21:45 - 00000924 _____ () D:\WINDOWS\Tasks\Google Software Updater.job 2015-02-24 10:32 - 2015-01-04 19:40 - 2145386496 _____ () D:\WINDOWS\MEMORY.DMP 2015-02-23 19:55 - 2009-03-16 21:02 - 00000000 ___HD () D:\Documents and Settings\Kuba i Michał\Ustawienia lokalne\Dane aplikacji 2015-02-19 12:24 - 2010-12-05 21:07 - 00000000 ____D () D:\Documents and Settings\bot\Ustawienia lokalne\temp 2015-02-19 12:24 - 2010-12-05 21:07 - 00000000 ____D () D:\Documents and Settings\Administrator\Ustawienia lokalne\temp 2015-02-19 12:24 - 2010-03-21 13:42 - 00000000 ___HD () D:\Documents and Settings\bot\Ustawienia lokalne\Historia 2015-02-19 12:24 - 2009-09-25 17:39 - 00000000 __SHD () D:\Documents and Settings\Administrator\Ustawienia lokalne\Historia 2015-02-19 12:24 - 2009-06-23 16:59 - 00000000 __SHD () D:\Documents and Settings\bykaraca\Ustawienia lokalne\Historia 2015-02-19 12:24 - 2009-03-16 03:48 - 00000000 __SHD () D:\Documents and Settings\Default User\Ustawienia lokalne\Historia 2015-02-19 12:14 - 2009-03-16 21:02 - 00000000 __RHD () D:\Documents and Settings\Kuba i Michał\Dane aplikacji 2015-02-16 13:29 - 2014-12-15 13:32 - 00017583 _____ () D:\Documents and Settings\Kuba i Michał\debug.log 2015-02-16 11:17 - 2009-03-16 21:02 - 00000000 ___RD () D:\Documents and Settings\Kuba i Michał\Moje dokumenty 2015-02-16 11:05 - 2001-07-21 23:16 - 00000885 _____ () D:\WINDOWS\win.ini 2015-02-16 11:05 - 2001-07-21 23:15 - 00000246 _____ () D:\WINDOWS\system.ini 2015-02-15 13:19 - 2012-04-25 21:52 - 00000000 ____D () D:\Documents and Settings\Kuba i Michał\Moje dokumenty\Pliki programu Outlook 2015-02-15 13:18 - 2014-09-12 15:19 - 00000000 ____D () D:\Documents and Settings\Kuba i Michał\Pulpit\1 2015-02-14 13:59 - 2009-07-04 11:47 - 00000000 ____D () D:\Program Files\Tibia 2015-02-13 23:37 - 2011-10-19 15:49 - 00131072 _____ () D:\WINDOWS\system32\config\OAlerts.evt 2015-02-08 20:08 - 2009-12-14 20:16 - 00141824 _____ () D:\Documents and Settings\Kuba i Michał\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-02-05 20:38 - 2013-12-19 11:23 - 00701616 _____ (Adobe Systems Incorporated) D:\WINDOWS\system32\FlashPlayerApp.exe 2015-02-05 20:38 - 2013-12-19 11:23 - 00071344 _____ (Adobe Systems Incorporated) D:\WINDOWS\system32\FlashPlayerCPLApp.cpl 2015-02-04 20:46 - 2009-03-31 16:10 - 00000000 ____D () D:\WINDOWS\Minidump 2015-02-02 13:05 - 2009-11-03 14:18 - 00000000 ____D () D:\Program Files\Avanquest update 2015-02-01 16:53 - 2009-03-28 16:01 - 00000000 ____D () D:\Documents and Settings\Kuba i Michał\Dane aplikacji\Mozilla 2015-01-31 15:01 - 2012-11-03 18:57 - 00000000 ____D () D:\Documents and Settings\Kuba i Michał\Dane aplikacji\VMware 2015-01-31 14:59 - 2012-11-03 18:57 - 00000000 ____D () D:\Documents and Settings\Kuba i Michał\Ustawienia lokalne\Dane aplikacji\VMware 2015-01-30 22:03 - 2013-11-29 22:34 - 00000000 ____D () D:\Documents and Settings\Kuba i Michał\Moje dokumenty\Deluxe Ski Jump 4 ==================== Files in the root of some directories ======= 2010-08-25 17:29 - 2010-08-25 17:30 - 17853214 _____ () D:\Program Files\Chicken Invaders 3 Xmas.rar 2010-07-09 20:58 - 2010-07-09 20:58 - 2355396 _____ () D:\Program Files\ElfBot NG.rar 2011-04-04 15:59 - 2011-04-04 15:59 - 2875392 _____ (Intel Corporation) D:\Program Files\libmmd.dll 2011-04-04 15:59 - 2011-04-04 15:59 - 0000125 _____ () D:\Program Files\plugin.ini 2009-07-18 13:58 - 2009-07-18 13:58 - 3012950 _____ () D:\Program Files\Remere's Map Editor.rar 2009-11-09 19:41 - 2010-05-25 13:31 - 3444170 _____ () D:\Program Files\TibiaBot NG.rar 2009-03-31 11:46 - 2004-10-01 14:00 - 0040960 _____ () D:\Program Files\Uninstall_CDS.exe 2011-04-04 15:59 - 2011-04-04 15:59 - 9752576 _____ (Chaos Group Ltd) D:\Program Files\vray2009.dll 2011-04-04 15:59 - 2011-04-04 15:59 - 0139776 _____ () D:\Program Files\vraydummy2009.max 2011-04-04 15:59 - 2011-04-04 15:59 - 0006213 _____ () D:\Program Files\vraydummy2009.xml 2011-04-04 15:59 - 2011-04-04 15:59 - 0159744 _____ () D:\Program Files\vrayspawner2009.exe 2009-06-13 15:18 - 2009-06-13 15:18 - 0002528 _____ () D:\Documents and Settings\Kuba i Michał\Dane aplikacji\$_hpcst$.hpc 2010-08-14 22:36 - 2011-06-16 13:56 - 0000063 _____ () D:\Documents and Settings\Kuba i Michał\Dane aplikacji\bynacam_config.ini 2009-03-31 10:34 - 2009-03-31 10:34 - 0087608 _____ () D:\Documents and Settings\Kuba i Michał\Dane aplikacji\inst.exe 2013-10-21 18:10 - 2011-01-27 15:54 - 0139783 _____ () D:\Documents and Settings\Kuba i Michał\Dane aplikacji\MinecraftSP.jar 2009-03-31 10:34 - 2009-03-31 10:34 - 0007887 _____ () D:\Documents and Settings\Kuba i Michał\Dane aplikacji\pcouffin.cat 2009-03-31 10:34 - 2009-03-31 10:34 - 0001144 _____ () D:\Documents and Settings\Kuba i Michał\Dane aplikacji\pcouffin.inf 2009-03-31 10:34 - 2009-03-31 10:34 - 0000034 _____ () D:\Documents and Settings\Kuba i Michał\Dane aplikacji\pcouffin.log 2009-03-31 10:34 - 2009-03-31 10:34 - 0047360 _____ (VSO Software) D:\Documents and Settings\Kuba i Michał\Dane aplikacji\pcouffin.sys 2010-05-03 20:05 - 2014-01-25 21:59 - 0022328 _____ () D:\Documents and Settings\Kuba i Michał\Dane aplikacji\PnkBstrK.sys 2013-10-21 18:10 - 2011-05-26 18:26 - 0000238 _____ () D:\Documents and Settings\Kuba i Michał\Dane aplikacji\ReadMe.txt 2012-01-08 16:01 - 2012-01-08 16:11 - 0000042 _____ () D:\Documents and Settings\Kuba i Michał\Dane aplikacji\TheHunterSettings_local.cfg 2009-03-31 10:34 - 2009-03-31 10:44 - 0000671 _____ () D:\Documents and Settings\Kuba i Michał\Dane aplikacji\vso_ts_preview.xml 2009-12-14 20:16 - 2015-02-08 20:08 - 0141824 _____ () D:\Documents and Settings\Kuba i Michał\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-02-08 14:27 - 2015-02-08 14:27 - 0000753 _____ () D:\Documents and Settings\Kuba i Michał\Ustawienia lokalne\Dane aplikacji\recently-used.xbel ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) D:\WINDOWS\explorer.exe => File is digitally signed D:\WINDOWS\system32\winlogon.exe => File is digitally signed D:\WINDOWS\system32\svchost.exe => File is digitally signed D:\WINDOWS\system32\services.exe => File is digitally signed D:\WINDOWS\system32\User32.dll => File is digitally signed D:\WINDOWS\system32\userinit.exe => File is digitally signed D:\WINDOWS\system32\rpcss.dll => File is digitally signed D:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed ==================== End Of Log ============================